Banks are currently one of the primary targets of criminals; quick access to cash or personal bank account information is a juicy haul. Automated teller machines (ATMs) are a security weak point and while bank-located machines usually have cameras and other security measures in place, off-site ATMs installed independently don’t have the same kind of infrastructure. There are plenty of articles on the Internet about ATM skimming, which is when a thief attaches an external device to an ATM to capture a card’s electronic data, including the PIN, in order to recreate an exact copy of the card. See this link to read an article from the North American presson ATM skimming.

It is in this context that we need to provide remote management mechanisms that ensure thieves can’t gain access to confidential information, a bank’s network or impersonate an ATM. While access control mechanisms, authentication, firewall ports, etc., can be used preventatively, a thief might still be able to gain physical access to an ATM. If there is no way to remotely block the machine, an attacker may have sufficient time before the police or security services can arrive, especially in remote areas. Here there are two very effective mechanisms to physically control the status of the ATM from a general network center:

Access to a device that disables the ATM by turning off the power to the machine. By running a command in the communications device you can control devices that physically block the power and turn off the ATM or any connected devices, thus preventing attackers from operating or running operations that depend on electricity.

If thieves cut the physical communication cables to prevent remote access to the communications device, you can still connect to the device using wireless WAN backup. Thus, although you can’t communicate any data, if the SIM is active you can send commands via SMS that turn the ATM’s power on or off. You also benefit from a dual security mechanism, since precautions need to be taken to avoid just any number accessing the device’s controls, thus only one or a few numbers must be enabled to prevent unauthorized access.

At Teldat we have both preventative and reactive security measures in place on thousands of ATMs worldwide providing full control over the devices at all times, whether by fixed-line or mobile.

About the author

Ignacio Esnozwith a degree in Technical Telecomunications Engineering (specialized in Telematics), is a Pre-Sales Engineer working at Teldat’s International Department.